Today at WWDC 2020, Apple announced several new privacy enhancements in iOS14 that will debut in September. We’ve been long anticipating these changes, and have been working to prepare for this since our announcement a year ago on the formation of the Mobile Attribution Privacy group. (See more details here, and join the Slack group here).
The good news for consumers: more privacy.
The good news for marketers: it’s not game over for data-driven marketing.
Some of the changes to Apple’s SKAdNetwork framework are extremely promising. Apple’s SKAdNetwork improvements suggest that not only are they listening to what app publishers need, but that we will still be able to provide tools for sophisticated marketers.
In addition, Singular has a number of upcoming privacy-preserving solutions that we will announce shortly.
Opt-In for IDFA
Starting with iOS 14, apps will need to receive permission from users in order to use the Identifier for Advertisers, the IDFA. To be clear, this is explicitly granting permission to track users across apps and services.
Straight from the documentation:
“Your app needs to request permission to track sometime before tracking occurs. This could be at first launch or when certain app features are used. For example, when signing on with a third-party SSO.”
Looking at the documentation for iOS 14, we can confirm that when the “Ask App Not To Track” button is clicked, the app will not be able to access the device’s IDFA, and receive the same value as if the Limit Ad Tracking mechanism is turned on. In short, until a user grants authorization, all identifiers will be zeroed out.
One piece of good news if you want to use the IDFA and believe it’s something that your users will want?
The message will be customizable. “App developers need to provide custom text, known as a usage description string, which is displayed as a system-permission alert request,” Apple’s documentation says.
That means you’ll be able to make the case to your users that opting in is a good thing for them.
Let’s be frank, however.
The vast majority of people who see a message like the above are not going to opt in. When they see that a publisher wants permission to track them across apps and websites owned by other companies … forget about it.
So you’re going to have to be ready to live without IDFAs.
Checking for IDFA status
Apple is deprecating the isAdvertisingTrackingEnabled function. In order to check if a user has actually enabled measurement, developers will need to check the AppTrackingTransparency framework.
Changes to SKAdNetwork
Apple has also made multiple changes to SKAdNetwork, the class that validates advertiser-driven app installations. We’re going to go in-depth on this in a follow-up blog post tomorrow — and a webinar — but here’s the quick overview:
Apple added timers, which likely means that the conversion notification won’t be immediate. This is probably a privacy-enhancing move.
Apple added a mechanism to update a conversion value. This may be an initial method to attach limited post-install KPIs to the conversion notification, which of course is crucial for optimizations.
Apple added Redownload/Reinstall support, which is always nice to know.
Apple added Source App ID to recognize the publishing app (this is huge because we can now facilitate publisher-level granularity).
There are quite a few more changes, but we’ll continue researching them and update on those later in our in-depth follow-up post.
Finally: new App Privacy section
Later this year, your app’s App Store product pages will start to feature summaries of your self-reported privacy practices, plus a link to your privacy policy. That includes both data gather via the app that is used to track users elsewhere plus data that publishers might access outside the app and link to users’ profiles in the app. Example: purchases, web browsing history, location data, and other demographic information.
Starting today, Singular is giving our unified marketing data and analytics platform to all SMB marketers for free, with no commitments, for half a year—180 days. In addition, we’ll provide advanced training from industry experts on marketers’ toughest growth and data management challenges.
Marketers at the fastest-growing companies have access to technology and training that others don’t. Singular wants to address the training gap, as well as the technology. To this end, we’re offering best-in-class webinars and workshops on key topics that show marketers how to harness their data to address performance and consumer behavior shifts, and provide ways to leverage this data effectively across organizations.
We’re giving access to our Starter tools for free to alleviate the issues that small and medium-sized businesses are encountering during the coronavirus pandemic. Singular unifies data across all of a marketer’s ad networks and channels, enabling them to assess the performance of their campaigns and make better, faster decisions to grow their business.
Now more than ever, marketers need to prove ROI. They need to be able to shift strategies rapidly to adapt to changing consumer behavior and make smart advertising decisions. Others are growing fast in our shelter-in-place reality and need the tools to scale campaigns efficiently. And almost all of us are now working remotely and need to stay in alignment with our colleagues with a single source of truth for Marketing, BI, Finance, Creative, and Executive teams.
In short, it’s a really tough time for SMB marketers right now. Not only are they under a lot of scrutiny—they’re having to justify their work and protect their very existence.
By offering our unified marketing data and analytics platform for free for half a year, we hope that marketers hardest hit by COVID-19 will have the help they need to ride out and overcome the worst effects of the current downturn. They’ll gain a single source of truth for marketing performance; automated, aggregated access to all of their marketing data; and a platform that aligns all of their teams on the same tailored business metrics.
Other things advertisers can do during this difficult time
Outside of our offer, there are several strategic things SMB advertisers can do today to keep their business stable—if not growing—during this time:
Report on ROI daily to demonstrate the value of your work, cut ineffective ad spend, and only invest in what’s working for your business
Make sure you have near real-time reporting for key KPIs to quickly react to shifts in performance or consumer behavior
Analyze your users’ lifetime value and how COVID-19 has impacted it
Plan around negative (drop in ARPU) and positive (drop in CAC) scenarios
A few more things to keep in mind….
Beware of fraudsters
In addition, now’s a good time to double down on fraud prevention. With so many “bad actors” coming out of the woodwork during this pandemic, take extra precautions to protect your data, reporting, and apps.
Look at cross-device performance
Make sure you’re getting the full picture when it comes to your advertising efforts. That means being able to connect marketing spend data to conversions across devices and platforms. Now more than ever, the effectiveness of every ad dollar is only as good as the accuracy of your ROI analysis.
Learn more about how Singular can help
If you’re interested in learning more, Singular has industry-leading solutions that can help with both fraud prevention as well as cross-device attribution.
The learning curve: continued marketing education
We’ve seen so many great sources of information (and inspiration) pop up online over the last few months: cooking classes, workout routines, music festivals, and more. People are also starting things they’ve wanted to for a long time, like music lessons and catching up on reading lists.
As folks spend more time at home, this is a good opportunity to level up your skills. Invest some time now to make yourself a better growth expert by learning SQL and Python. (You’ll thank me later.)
Why? As marketers grow more dependent on their BI team, it’s useful to develop the knowledge to understand marketing analytics more deeply. By learning SQL basics, marketers will be able to query their own data, come up with their own conclusions, and become more independent. With Python, you can be self-sufficient in automation and more innovative with your work.
The role of data scientist has become a game-changer in the advertising space. At a minimum, learning how to pipe data into reporting will empower you and your BI team to speak more of the same language.
We’re in this together
A Singular team member recently asked me if I’d had any moments of pause during our shelter-in-place due to COVID-19. I’ve had so many. As we’ve shifted to working from home (I feel for you, fellow parents), buckled down to focus on how we can be even more effective, and understood the pressures that many businesses face, one thing has stood out for me…
We’re living history right now. These times will be in history books.
How we respond to the challenges we face says who we are as a global community. It also demands that business leaders summon our best selves to give back and lift up.
There can be a tendency to get lured into a constant stream of news headlines and CDC data. At the end of the day, you realize that the most effective thing you can do is just stay home and weather the storm, and to connect with friends and family in ways that are meaningful and make sense given current events.
As I see people come together—for each other, healthcare workers, neighbors, and businesses—I know we’ll get through these challenges. We’ll conquer a pandemic and bring our best selves to whatever lies ahead.
I often hear about security questions our customers are asking regarding our mobile attribution SDK security. It usually comes up when companies are evaluating a new attribution provider, and either submit an RFP/RFI document or run their own checklists. What’s interesting is that nine times out of 10, the SDK security questions center around two topics:
Do you have an open/closed source SDK?
Do you have an SDK encryption mechanism?
These questions are natural—stakeholders want to make responsible decisions for their business. This is especially true in today’s world where the MMP is the source of truth, one that fraudsters are constantly trying to manipulate.
The problem is: these mechanisms, and some others, are over-hyped by other MMPs and not real security measures. They’re the absolute basics, like remembering to lock the door when you leave the office.
But they don’t offer any real protection. Instead, they provide a false sense of security.
In this article, I’ll explain a bit more about why SDK security is such a difficult problem, why the aforementioned mechanisms aren’t real security, and what Singular’s doing to continue to provide strong protection against fraud.
What’s so hard about securing the SDK?
SDKs are pieces of code that run inside a mobile app. Their main function is to collect and report data like app opens, user events, revenue, and metrics to a server (e.g., Singular’s servers). They also support some functionality like deep linking, fraud prevention, etc. Since apps communicate with their servers over the internet, there’s an inherent challenge of verifying this communication is indeed originating from a real device and a real user.
As such, two of the most commonly used techniques for securing SDK communication are adding encryption and closing the source. The point is to make it hard to fake authentic communication, but it’s actually security through obscurity—which is a big “no no” in the world of security. As a result, advertisers have a false sense of safety and are easy pickings for fraudsters.
The best analogy is wax seals, used in the Middle Ages, to seal letters and authenticate the sender. Sadly, in today’s age, wax seals aren’t truly effective tools for security. Anyone motivated enough can find a way to produce perfectly similar wax seals, and fool the letter’s recipient into believing it’s an authentic communique.
SDK encryption
A standard play in the obfuscation game involves attempts to use encryption to “verify” that the data being sent by the SDK to the server is indeed authentic data.
Encryption algorithms rely on a secret key established between two parties. In our case that would be the SDK and the server. The encryption algorithm, combined with the secret key, enables you to create authenticated, encrypted messages.
While this sounds like a marvelous idea, there is one small flaw in this plan. The SDK that resides inside the app needs to know the secret itself. Most apps that we know, even the paid ones, are publicly available for download in the App Store / Play Store, which means that anybody can get ahold of the secret key. Not so secret anymore… is it?
The way to extract the key is quite simple:
Download the app binary (APK for Android, IPA for iPhone)
Depending on the platform, you may need to decrypt the binary with publicly available tools
Reverse engineer the binary and get the SDK encryption key
For skilled individuals—certainly ones who are financially motivated (fraudsters)—this can be done in seconds if it’s automated by software, or minutes if done by hand.
Does closed source matter?
Probably the best example of security through obscurity is the claim some vendors make about how their closed-source approach is “essential when fighting ad fraud,” while other vendors claim they “live by open source.”
Sadly, it’s all BS.
Since this is almost a religious matter for some people, I’ll avoid picking sides. Instead, I’ll simply explain why no option really provides security against faking SDK traffic:
Open source claims that by being open and transparent with your code, it’ll be easier to weed out bugs and to be audited. As such, you’re creating a more secure environment. The obvious downside is that your entire security mechanism is open for all, and you can see how it works (i.e., you can see how someone generates their wax seal).
Closed source claims that by being closed and obfuscated with your code, it’ll be harder to find bugs and be audited, and as such you’re creating a more secure environment. While it makes it difficult for people to understand how your security mechanism works, there are processes like reverse engineering that any semi-skilled fraudster could utilize that basically reveal something quite close to the original source code. Which means that if you try hard enough… you can still learn how the security mechanism works!
What you need to understand is that it’s all an obfuscation game, and it’s not real security.
How do we secure our mobile attribution SDKs?
First off, we do the basics. Closed-source SDK and SDK encryption are the basics, and we’ve done them since the first version of our SDK.
Second, we developed proprietary methods for iOS and Android that leverage a chain of trust. This chain helps enforce that devices communicating with our servers are real devices, owned by real people.
As the leader in enterprise fraud prevention, Singular is the only vendor with these capabilities. Using this technology, we’ve saved our customers from wasting hundreds of millions of dollars on fraudulent activities. This is not just us raising the bar, but making it virtually impossible to spoof our traffic.
If you’re unsure about your current security and want to talk to our fraud and security experts, come talk to us: fraud@singular.net.
Who says working mothers in tech can’t find the perfect work-life balance?
Unfortunately, that was the word on the street—or more accurately, among my friends at tech companies—when I mentioned I wanted to return to work at 20% time after having my second child, Talya.
The First Maternity Leave
A bit of background: In one of the first posts on my personal blog, I discussed returning to work after maternity leave for Gaya, my eldest.
You’d think I wouldn’t worry about a second maternity leave. However, with Gaya, I was working in a global, relatively slow-moving corporation. By the time I had Talya, I was at Singular, an innovative startup in hyper-growth. Being away for half a year is an eternity in Singular terms. I knew what I was leaving but had no idea what would happen when I came back.
On top of that, most of my current colleagues aren’t parents. Very few are mothers of small children. Although this is gradually changing at the company, I often feel the difference—I have non-standard working hours and late meetings, and engage less in office small talk.
Enter Baby No. 2
Over the two years I’d been at Singular, we always found a way to make things work for me and the company. We were flexible and creative and just made it happen.
And yet—when I shared the news about my pregnancy, I was still insecure. All my concerns came back: What would the reaction be? Would it affect my advancement? How would we ramp my work back up when I returned?
But hey…
There was actually nothing to stress about. Everything had worked out so far, and I was sure it would again. I already knew the culture. There was simply no reason giving birth again would have a work impact. Still, I couldn’t shake my anxieties around it. (I also wrote about it on my blog.)
Striking a Post-Maternity Balance
When I was on maternity leave with Gaya, I didn’t really disconnect. I kept track of major developments in the office and with clients. This made it much easier to return to full-time work.
This time, I thought it’d be great to come back to work gradually, instead of being so plugged-in while trying to care for a newborn.
Instead of going from zero to 200%, it seemed wiser to ramp back up slowly—starting part-time, a few hours a day, a few days a week.
As I explained to the company, this way I’d be there for Talya in her first months while keeping up with company business.
To my pleasant surprise, Singular said yes.
I still had some concerns and reasons to hesitate. But, I was optimistic and hoped we could really make it work.
Ready, Set…Work
The thing is, I wasn’t ready to go back to work at all. Things at home were too hectic, and my every thought centered on my children and my family.
Despite all of this, Singular management was extremely supportive. They understood the changes my family was going through, and didn’t pressure me to come back.
After four or five months, things suddenly shifted for me. I thought about work—I figured I could start in a 20%-time position, and after a set period of time, I’d go back to full-time.
I suggested to the company that during the part-time period, I’d do anything to help the team, such as admin or back office.
I set low expectations, knowing no one had done this before—only two female employees had come back in a full-time capacity after three months. I hoped for the best.
Thankfully, my initial, little idea became a big breakthrough for me and my family. The company not only accepted my terms—my managers thought out of the box and created a special project tailored to me, where I could use my skills, increase my value, and help my team (way to go!).
As I started working part-time, I realized how much our product had changed, and I was delighted to have an easy restart. Talya was getting used to her new nanny. (Plus a special thanks to my mother, who took care of Talya while I was away and helped me out a lot.)
On Singular’s side, it meant I came back earlier than planned.
Most importantly, it signaled to all other female employees that Singular welcomes mothers and supports a flexible framework for coming back from maternity leave.
This was a pure win-win.
An Added Bonus
Now, about breastfeeding and pumping—breastfeeding is super important to me. But I hate pumping so much! I can’t stand the noise, the mess, and sitting there waiting for the bottle to fill.
When I went back to work after having Gaya, I refused to pump. The second time around, it’s been different because we have a nursing room. It’s a nice, cozy, private little space, with a small refrigerator and a sofa, that gives me all the privacy and intimacy I need for pumping. Pumping at work isn’t so bad anymore.
A Modern and Sympathetic Workplace
This is the organizational culture I always go on about. I’ve written about the major role that corporate culture plays for me. As a mother of two small children, the unfortunate truth is that wanting to work is not enough. I have to belong to a company that understands me and accepts me as a mother. A company with a flexible mindset that allows me to maneuver according to my needs. I’m thrilled Singular is here for me and grows just like its loyal employees do. No wonder our turnover rate is one of the lowest in the industry.
And I grew, too. I now know when stresses are mostly mine and when they’re unwarranted, even if I still don’t understand the source of the stress itself—why was I so afraid? Is it all just me? Am I hypercritical of myself because I think of pregnancy and birth as obstacles to a career? Or is it because I feel my needs as a mother are special in the office and require unique adjustments?
No matter what stories and speculations I hear, I can trust myself more now. I know that I started by carefully choosing a company with a great culture, and that there’s no reason why things would be different with a family-changing event like birth. Singular chose me very carefully for the skills, knowledge, and experience I contribute, and provided me with the flexibility I needed to maintain a strong work/motherhood balance. That’s a great way of solidifying an already solid commitment to one’s work, team, and company.
We’re excited to announce we’ve achieved Amazon Web Services (AWS) Retail Competency status. So what exactly does that mean? As an AWS Retail Competency Partner, we’ve demonstrated technical expertise and proven success with our retail customers including StitchFix, Wish, Warby Parker, Minted, Souq, Atom Tickets, Snapdeal, Tophatter, plus several other Fortune 500 brands (we can’t list publicly).
Singular is built to provide a single source of truth for marketing performance – a challenge marketers & BI teams everywhere desperately need to solve for with today’s complex ecosystem. We simplify marketing data by automatically combining your most important datasets including marketing campaign data, user-behavior/attribution data and BI data for accurate insights needed to grow at scale. As experts in AWS technologies and as a certified Advanced Technology Partner in the AWS Partner Network (APN), we consult our customers on how to build advanced marketing tech stacks. We’ve become the de facto solution to power the internal BI of the top growth marketing teams in the world.
Check out some recent resources on how we’re helping retail brands:
“We’re excited to have achieved the AWS Retail Competency,” Eran Friedman, our CTO & Co-founder reflects. “Our team has been dedicated to helping growth teams of top global brands scale their businesses by better leveraging their marketing data, which is especially important for retail companies where customer engagement is a critical component of their overall strategy. And with the agility, breadth of services and pace of innovation that AWS provides, we’ve been able to make marketing data more accessible than ever to BI teams.”
AWS enables scalable, flexible, and cost-effective solutions for startups to global enterprises. To support the seamless integration and deployment of these, AWS established theAWS Competency Program to help customers identify Technology APN Partners with deep industry experience and expertise.
Our retail customers see huge returns after investing in Singular to streamline their growth marketing data. South Korea’s largest retail app,Home & Shopping, saw a 73% increase in ROI after Singular automatically collected and unified campaign data from 30+ sources with our native attribution to understand and optimize marketing performance.
With Singular, Home & Shopping sees 73% increase in ROI
Will we soon be living in a post-IDFA world? It’s hard to say, but there are some reasons to prepare for it, which is why Singular has established the Mobile Attribution Privacy working group.
In 2019 so far there have been over 1,000 privacy breaches exposing over 146 million records. That’s just one reason why privacy and data security are becoming increasingly important, both from a regulatory standpoint and a customer trust point of view.
Recently, we met with representatives from companies including Lyft, AirBnB, Twitter, WB Games, Jam City, DraftKings, Oracle, Branch, Unity, the Mobile Marketing Association, LUMA Partners, and many others as part of a Mobile Attribution Privacy (MAP) working group. Our goal as advertisers and vendors: talk about options for measuring marketing while serving the privacy needs and desires of customers and users … even if the IDFA goes away.
Post-IDFA: what we talked about
In our first meeting, we talked about whether this was mobile and web, or mostly just mobile. The consensus: we’re going to keep this primarily focused on mobile attribution.
We also talked about Google advertising ID, and whether that should be part of the conversation. Though it seems that Google would be much less likely to abandon their primary identifier than Apple, we decided that we should look at global solutions for both Android and iOS.
One of the things we unanimously agreed on: we need to be focused on the needs of people: users and customers. If something doesn’t matter to users, it shouldn’t matter to us, and conversely, if it does, then it needs to be a core concern for marketers and marketing technology vendors.
This is one of those things that sounds simple but is actually complex.
For example, Apple cares first and foremost about their users, but to get these users to the iOS platform they need content providers to thrive and have an economic incentive to build for it. As one participant said: “People choose a phone based on where they can play Fortnite.”
And while big content creators could survive removal of device identifiers (by switching to something else – like an email address), many smaller ecosystem players would struggle to survive, as this will greatly deteriorate people’s ability to know who their users are and where they came from.
Broadening the conversation
Two interesting ideas that have legs came up. And they’re both ways to broaden the conversation.
One is to bring this discussion to the IAB, the Interactive Advertising Bureau, and perhaps create a working group focused on Mobile Identifiers. The IAB, after all, is dealing with other privacy-related topics. Another is to view this area as an extension to the GDPR and CCPA (California Consumer Privacy Act) legislation. Both are valid suggestions, and we’ll be looking into both options.
And finally, we spoke about multiple device identifier options:
Auto-rotating (short-lived) IDFAs
If the IDFA auto-rotated, say weekly or monthly, Apple would limit how long you can track any particular user. This should permit proper advertising attribution. One question yet to answer: can an app developer stitch the rotating IDFAs together as long as the user is active within their app? Some would consider that app activity as a “meaningful relationship” which may permit doing so; others might consider it a violation of privacy.
Google Play Referrer equivalent
Google has an excellent mechanism for passing referrer context into Google Play that the app can then query upon installation. Again, this would enable attribution. The obvious problem here is that enabling this type of link tracking makes it impossible to prevent vendors from appending a device ID, click ID, or other form of identification that could be connected to a specific person.
SKAdNetwork
This is somewhat of a similar concept: you pass info to the App Store, but it’s not exposed to the installed app. The data is controlled by the operating system, and the amount of data you can pass along is greatly limited. In its current form this feels immature, but that could change with serious interest from major players.
And the conversation continues
Ultimately, we’re going to continue the conversation. We’re also going to broaden it to new players, and we invite anyone who is an interested party to be part of the next meeting of the Mobile Attribution Privacy group, either in person or via videoconferencing.
If you’d like to be part of the Mobile Attribution Privacy (MAP) Coalition, please join us in the MAP Slack group. There, you’ll be able to connect with other industry folks who are working to move the digital marketing community forward in this new, more privacy-safe world.
People are definitely shopping a lot with smartphones. But buying? Not as much, at least not today. According to comScore’s 2016 Future in Focus report, people spend 60% of their digital shopping time on smartphones, yet spend 16% of their digital commerce dollars via mobile.
That leaves a gigantic gap – one that merchants are anxious to close. That’s why retailers are taking lots of steps to boost their mobile commerce revenue. Here are seven of the most common approaches they’re taking.
1. Speeding Up Sites for Easier Mobile Shopping
Whether they leverage responsive design, adaptive design, or separate mobile and PC sites, most retailers know that site speed and frictionless buying experiences are critical to driving their m-commerce growth. In the early days of mobile shopping, many retailers created an m.brand.com site to keep the “core” PC experience optimized for the dominant screen type. But when six shopping minutes out of ten take place on a handset, it’s clear that the core experience is now on the mobile screen.
And major retail sites are getting better at delivering to that core every day. Part of this improvement has come from a refocus on optimization metrics other than page weight. A couple of years ago, “time to Interaction” (TTI) enjoyed some popularity as a better alternative. It focused on the amount of time it takes for the user to be able to interact with a still-loading page.
These days, many retailers focus on a somewhat higher bar: the time it takes to render a decent looking and behaving web experience. Google’s algorithms emphasize the time it takes for above-the-fold content to load. Content farther down the page, or “heavy” plug-ins, can still be loading, but the consumer already has a decent experience with which to interact.
2. Launching and Growing mCommerce Apps
US merchants are adopting a strategy that’s very common internationally – focusing on building their app-based mcommerce. Apps enable shopping experiences tailored specifically to a phone and provide more experiential control. They also enable richer personalization. And people just plain like them better than mobile websites.
Latest figures show that almost 90% of connected mobile time takes place in apps versus the mobile web. Apps also make a variety of improved merchandising strategies and tactics possible. Push notifications, for example, enjoy open and interaction rates FAR more than email metrics. Then there are the thousands of mobile-only and app-mostly retailers that have sprung up worldwide. In developing markets, the success of these businesses reflects the massive role that mobile connectivity plays in the lives of their consumers.
Singular enables data-oriented marketers to connect, measure, and optimize siloed marketing data, giving them the most vital insights they need to drive ROI. The unified analytics platform tracks over $7 billion in digital marketing spend to revenue and lifetime value across industries including commerce, travel, gaming,entertainment and on-demand services.For more information, click here.
3. Beefing Up Companion Apps
Many brick and mortar sellers are also expanding distribution of apps that enhance the in-store shopping experience. Companion apps in retail provide special offers, access to reviews and content, pair messaging to a user’s location in a store, and the like.
Macy’s, for example, is working hard to improve its already strong companion app cred. They offer rewards points account management, store-location-triggered content and offers, scan and learn content, and exclusive discounts for app users when they shop the store.
Another fitting example is Chico’s the women’s apparel retailer. Chico’s views personal relationships between customers and associates as integral to their success and growth. Smartphones enable associates to recall and leverage customer preferences for a more tailored and personal in-storeexperience.
Apps can also help retailers better leverage unique mobile capabilities, like geolocation. Finally, apps are great for making loyalty programs easier. All the shopper data from such programs can help personalize app content to a specific user. And as we all know, more personal almost always means more profitable.
4. Streamlining Content
Mobile shopping often begins with a different mindset than desktop shopping. Users want to get to the goods faster and are often willing to transact more if the content available to them is succinct and focused.
Shorter headlines. Little or no body copy. An emphasis on optimized imagery. These are the watchwords of mobile commerce and shopping apps in 2019. And they are all implemented to appeal to mobile shoppers and how their preferences are different when surfing the small screen.
5. Improving Business Processes
Many retailers are working diligently to reduce the friction that can impede purchases. Here are some of the most common ways they are doing this:
Requiring Registration: This one can seem counterintuitive because the need to register is consistently rated a top reason for cart abandonment. But if you can get a user to register in a mobile app (or on a website) early, then you can auto-populate forms and steps later. Lost first-time sales can be more than made up for with repeat sales to registered users. Requiring registration is also proving invaluable as a strategy to reduce fraud – so much so that many retailers are reconsidering whether they should have a guest checkout path at all.
Fairly Distributing Coupon Codes: Have you ever gotten to a checkout page that asked for a coupon code that you didn’t have? It can be frustrating to realize that you are not getting the best deal. My strategy is to fill a cart and then Google for coupon codes – tens of millions of other shoppers do the same. But research also shows that many shoppers abandon carts they feel cheated out of getting the best possible deal. Sneaky coupon distribution can also be a profound way of turning off your best customers if you focus your discounts on new users only. Many retailers are moving to distributing codes on their own sites instead of (just) shopping comparison sites. Others are doing away with codes altogether, or making coupon code blanks less prominent – findable, but not front and center.
Showcasing Shopping Carted Items: Lots of people want to look over the items in their shopping carts before they transact. Retailers that make that task easy – and provide strong visuals of the goods on offer – tend to convert mobile shoppers better.
Requiring Fewer Pages and Steps: Amazon 1-Click is the best example of this. But many other retailers are also working hard to reduce the number of steps and amount of data entry required to make a purchase.
Providing Security Assurance: Many people still view mobile as less secure for transactions than PC. By providing verbal and visual assurance of strong security, retailers can mitigate some of the risk of losing wary would-be mobile transactors.
Ensuring Cost Transparency: Lots of people drop off when they get surprised by high shipping and handling fees. Brands that make shipping information and costs clearer seem to convert more mobile shopper.
6. Encouraging Mobile Payments
We’re all familiar with the optimized mobile experience for retail sales like Apple Pay – “proximity mobile payments” in the vernacular. Lots of retailers are experimenting in this area, with a broad range of success rates to increase conversion rates from the hassle of adding credit card information. In the US, Starbucks is widely believed to be the best at transitioning shopper behavior to mobile payment. 21% of their transactions now take place via mobile phone – something that also simplifies user participation in their loyalty program. The explosion of payment services is driving increases in penetration – but it also appears to be contributing to a bit of consumer confusion as shoppers try to identify services with the broadest reach and best features. In addition, in-aisle checkout options that leverage smartphones are also growing in popularity – both using kiosks and leveraging UPC readers on the devices themselves.
7. Making Mobile-Exclusive Offers
To grow m-commerce, retailers need users to buy more and buy more often, and therefore need a user experienceoptimized for mobile. Many retailers are implementing mobile-exclusive offers to both drive more app launches mobile site visits and motivate incremental purchases. Lots of such merchants emphasize discounts in their mobile offers and we’ll continue to see this spike during holiday shopping, especially on Black Friday. But an increasing number are also testing and implementing approaches in which unique, upmarket goods and experiences are made available only to mobile shoppers. Fashion house Zegna was an early mover here, offering live streaming and exclusive merchandise way back in 2012. But a variety of other online retailers has followed suit.
The Stores, They are a Changin’
Retail is a category in tremendous transition, and mobile is a key pillar as they chase new mobile and online sales opportunities and adapt to be more relevant to today’s shoppers. From the big box discounters to couture emporia, most retailer leaders know that success today requires flexibility. And a robust mobile marketing plan.
Singular is the pioneer in unifying campaign data and attribution data from thousands of media sources to provide a single source of truth for granular ROI analysis. As such, our partners sit at the core of our technology, providing data excellence that drives the intelligent insights in order for marketers to scale performance.
To hold our partners accountable at the highest level of data integrity, we are excited to announce the launch of the Singular Certified Partner Program!
The Certified Partner Program (CPP) is our commitment to the industry to set the standard for data integrity within our partner ecosystem. Therefore, we raised the bar high with strict requirements to be considered for the program. We categorized these requirements into three main areas of focus:
Data excellence
The partner is passing both aggregated campaign data and user-level attribution data
Data governance
The partner is passing all campaign analytics data via an API, has complied with GDPR, and has committed to combating mobile app fraud.
Service commitment
The partner has a minimum designated list of mutual customers, is receiving training across relevant business teams on the Singular platform, and has committed to ongoing market development and account mapping efforts.
After an extensive audit across our integrated partners, we identified 12 launch partners that met all requirements and showcased the highest value to our advertisers. We are pleased to announce the following partners as part of the Certified Partner Program launch!
Jeremy Bondy, VP Revenue, Vungle
“Vungle is excited to be an inaugural member of Singular’s Certified Partner Program, which will create the gold standard of data integrity for the mobile app industry. As the trusted guide for mobile growth and engagement, Vungle looks forward to championing these new practices through Singular’s CPP and improving ROI for advertisers”
Sarah Chafer, SVP, Global Performance Sales, Tapjoy
“We are extremely proud to be a trusted participant in the Singular Certified Partner Program. As a leader in the mobile app industry for over 10 years, our mission is to provide the transparent & qualified campaign data that all marketers deserve.”
Troy Nicolaou, Director of Performance, AdColony
“We are proud to be a part of the Singular Certified Partner Program and to continue our collaborative investment in bringing the highest value to the best and brightest marketers around the world.”
Over the course of the year, we will be working closely with all our integrated partners to build everyone to the same level of excellence as our launch partners. Together we are the trusted source for marketing intelligence and look forward to further setting industry standards.
Singular has always taken pride in pioneering the unification of campaign data from thousands of media sources with attribution data and customer data. The result is unrivaled granular ROI analysis for the best and brightest marketers in the world.
We were at the forefront of integrating Apple Search Ads at inception in October of 2016 and have since enabled our customers to grow and scale performance by 48% in spend year over year. That is almost 2X the pace of total spend across all media channels!
Now with the recent recognition as an Apple Search Ads Partner, we have an opportunity to keep our customers on this same trajectory.
Apple Search Ads offers one of the most efficient and simple ways for people to discover your app on the App Store for iPhone and iPad, as proven by the numbers. Looking at Singular customers’ advertising withApple Search Ads, we observed a 39% increase in app installs from 2017 to 2018 with a 5% decrease in cost per install.
What about my return?
Our goal is to help advertisers efficiently scale performance. Clearly, revenue and ROI are key considerations for app publishers.
If we look at 2018 compared to 2017, Singular customers boosted revenue from Apple Search Ads driven app installs by 5.5%. Additionally, looking at 30 day revenue in Q1 2019, we saw an average ROI of 36%.
According to SensorTower, this scale doesn’t appear to be slowing down. Projections call for Apple Search Ads’ platform to increase 104% from 2018 to 2023 globally.
“With 65% of all iOS app downloads originating from the App Store and emphasis on factors like relevancy to improve discoverability, Apple Search Ads is in a unique position to consistently provide the highest ROI for app marketers,” says Singular COO and co-founder Susan Kuo. “We are excited to continue collaborating with Apple Search Ads as a recognized partner and look forward to providing our customers with new product innovations that further improve their App Store performance.”
Tracking your success
Tracking your Apple Search Ads performance is simple with Singular.
Prior to Apple’s recent World Wide Developer Conference, there were rumors spreading about potential changes to Apple’s IDFA (Identifier For Advertising). As it turned out, Apple was just restricting apps in the Kids category: they can no longer use third-party analytics or advertising.
That’s in line with Apple’s strong privacy story and what it has done in WebKit, the engine that powers the Safari web browser. Already two years ago Apple released Intelligent Tracking Prevention to limit cross-site tracking and third-party cookies, and version 2.2 was just recently released.
But whether we’re talking iOS, Android or the web, the drift of the mobile ecosystem is towards increased privacy. And that impacts marketers.
So where do we go?
At Singular, we’ve spent considerable time imagining and planning for a world where mobile apps and marketers would have to survive in a privacy-safe environment without a common device identifier like IDFA on devices.
In fact, we think there’s an opportunity to re-engineer some components to create a world that is privacy safe, marketer friendly, and fraud-free (as a big bonus). And we’re ready to ask others to join us (keep reading for more details).
Measurement and privacy
Prior to 2012, advertisers and marketers measured the effectiveness of their iOS campaigns using iPhone UDID (Unique Device Identifiers). UDIDs were not privacy-safe because they were unchangeable and permanent, which enables limitless tracking of users essentially in perpetuity.
In an early step to increase privacy, Apple created a semi-permanent identifier called IDFA (IDentifier For Advertising) to address the need for marketers to understand which ads and campaigns work, while also protecting consumers. An IDFA is essentially a random, unique number that, by itself, reveals no personally identifying information. In addition, it was designed to be reset by the consumer if anyone decides to do so.
The IDFA quickly became a central mechanism for the entire mobile marketing ecosystem on iOS, and has a role in countless systems and scenarios, from targeting, retargeting, analytics, rate limiting, personalization, identity, and more.
But what would the world look like without it?
The world without IDFA
After years of relying on an identifier like the IDFA, imagining the marketing world without it at all is challenging. What are some of the main challenges of living without the IDFA … and what alternatives exist?
Last-Touch and Multi-Touch Attribution Models Mobile attribution providers use IDFAs to identify a device, and link an ad impression or click to a mobile app install. Or, essentially, any conversion.
Without a deterministic link such as the IDFA, both last-touch, as well as multi-touch attribution, will become much more challenging. Essentially, it won’t be easy to plot out the customer journey in a reliable manner.
As a result, attribution providers will have to look for alternatives. (Keep reading for one of them.)
People-Based Attribution
One of the holy grails for marketers is to track individuals not only across apps, but also across devices. This is useful for marketers because it helps understand true human behavior, which oftentimes happens between devices.
People-based attribution has been the topic of many announcements from multiple mobile measurement companies lately, mostly because it would be amazing to solve that challenge on a holistic level.
There is one major challenge, however.
Privacy.
Concepts like the “persona graph” or “device graph” are problematic by nature, as they require cross-app and cross-domain (web) tracking. Seeing what Apple’s WebKit team has been writing about Intelligent Tracking Prevention and hearing what CEO Tim Cook has been saying about privacy, it’s pretty clear where Apple lands on cross-domain tracking.
Guess what: removing the IDFA would have a major impact on tracking users across apps. And that adds up to a very problematic future for a “people-based attribution” vision.
Fraud Prevention Fraud prevention solutions rely on ad identifiers to ensure the accuracy of advertising attribution. Some types of fraud can be eliminated or reduced with this identifier. Deleting the IDFA could lead to weaknesses for fraudsters could exploit.
One example?
Click spammers could more easily fake a click as if it came from a device, thereby taking credit for conversions that they are not responsible for.
Campaign Optimization Ad networks and marketers rely on their ability to link an ad campaign to a particular user in order to understand how their campaigns are performing. That tells marketers what their ROI is, or informs other KPIs that provide valuable feedback.
Without an IDFA connecting the dots between ads and app installs, this will be challenging.
And that could impact marketers’ ability to optimize their campaigns, as well as ad networks’ ability to do so. Think about how your ad networks optimize heavily towards post-install events today — some in a very black box manner.
All of that could be disrupted.
Retargeting Retargeting often works by identifying a segment of users we would like to communicate with. Example: people who added an item to a cart, but did not make a purchase.
These segments are then pushed to ad platforms dedicated for retargeting in order to bring people back into your app.
The way segments are communicated today in the mobile universe is mostly based on advertising identifiers. Making these ineffective would dramatically impact the ability to retarget your customers. Marketers would have to resort to other means of identifiable information, such as email addresses, which won’t necessarily be a good step forward in terms of privacy.
It’s worth noting this situation would also tilt the playing field in a number of ways:
Marketers that collect emails from their users would have a significant advantage. Not every app does that, and bigger, more trusted brands can do so more effectively than smaller ones.
Big ad networks (Facebook/Google/etc.) that have their customer’s emails would do better. Smaller ad networks, with thousands of smaller publishers, most likely do not have those emails, which could therefore not be used for targeting purposes.
So what are the alternatives?
Alternative #1: Fingerprinting
If you think about it, app marketers already live with one IDFA-less world: mobile web.
Given the mobile browser’s inability to access the IDFA, marketing measurement companies use a technology called fingerprinting to attribute web-to-app conversion flows. Fingerprinting collects mobile device attributes like IP addresses, device types, software versions, and more, and uses them to create a “signature” that probabilistically identifies a device.
That same signature is collected both on the click and when the advertised app is launched. Then the two are matched, with some statistical error.
In a world without IDFA at all, the app to app conversion flows could simply mimic the web to app flows, using fingerprinting in much the same way.
Downsides
Privacy!
Fingerprinting can work with fairly high levels of accuracy (80-95%, depending on devices and available information) but it can be seen as an invasive and non-permissioned type of tracking. In a way, it may work against the very thing that Apple is trying to achieve: more privacy for users. It also has GDPR implications, which would be problematic since it’s not always clear how to obtain user consent when fingerprinting. Or, even if you can ask for it, it’s an open question whether you’d get it.
Inaccuracy Fingerprinting uses device attributes such as IP, OS Version, Device Model, and other parameters. While it can have high levels of accuracy, it is still probabilistic not deterministic, and therefore it can have poor accuracy under certain circumstances. Device attributes are not always unique, and some (like IP address) change often. Therefore, the signature can either match the wrong device to an activity, or not match at all.P.S.: Some mobile attribution vendors position low-accuracy fingerprinting products, like matching on an IP subnet, as a feature not a bug!
Fraud Fraudsters can leverage a fingerprinting-first world. For example, click spammers wouldn’t need to fire clicks for a large number of device IDs. Instead they could use various techniques to generate clicks for common signatures, thereby cheating marketers and disrupting ad networks’ ability to do their jobs and get paid for it.This is a problem especially with iOS. The number of possible iPhone signatures is pretty small since many devices are extremely similar in terms of software versions and hardware models.
Limited attribution models
While fingerprinting can solve for last-touch attribution models, it will make the attribution windows shorter. And, it will be significantly more complex to store multiple touchpoints based on the fingerprint, given their short life-span. This in effect enables short-lived last-click or view-through attribution, but not more advanced multi-touch attribution models.
Retargeting
While fingerprinting solves for attribution, being able to communicate a segment to a third-party retargeting company will be impossible without some shared identity. Emails could be used in some cases, but not in all.
Positives
The statistical nature of fingerprints increases, to some degree, the privacy of particular individuals, and makes it impossible to completely deterministically track users.
This is already a pre-existing solution that enables the entire ecosystem to continue to function the day after IDFA. ROI could still be calculated. Partner postbacks are still possible, and advertisers’ BI setups could stay in tact. This is more important to consumers than some might recognize: advertising pays for the massive amount of free content and experiences the internet provides.
Alternative #2: SKAdNetwork
There’s another potential solution available.
In March of 2018, Apple released a framework called SKAdNetwork that enables attribution of mobile app installs without exposing the IDFA.
Background SKAdNetwork works by having the mobile operating system become a privacy-oriented mediator between the publisher (the app where the ad is shown), the advertiser (a different app being advertised) and the ad network (that places the ad in the first place).
The ad network displaying the ad in the publisher’s app will have to pass special parameters to the iTunes Service process on the device when an ad click happens. These values will be stored, and if the app was installed as a result of that click, and subsequently launched, the device will send a postback to the ad network in a pre-agreed path between Apple and the ad network.
The postback tells the ad network — and therefore the advertiser — that the ad was successful.
The beauty about the process from a privacy point of view is that the postback does not contain any device identifiers, thus disassociating the identity of the clicking device from the installing device. The postback itself is signed by Apple, which allows the ad network or any third party to verify it, and thereby know that an actual install truly happened from that ad click.
There are some downsides, however.
Downsides
View-through attribution
Forget about view-through attribution … viewing events are not part of the SKAdNetwork model, and therefore would not be available for attribution.
Multi-touch attribution
SKAdNetwork only stores the last click that led to the App Store open, which means that MTA models would be impossible. To be fair, in today’s privacy-sensitive world, impression data from the top publishers (Facebook, Google, Apple, etc) is not available anyway. That already great limits the capability of achieving MTA, so perhaps the loss here isn’t massive.
Campaign optimization
Matching down-funnel events such as revenue and purchases to the ad campaign would be impossible with how SKAdNetwork is implemented today. This is also a tricky area for Apple to implement without running the risk that malicious parties would collaborate to decipher a user’s identity. For example, the app could intentionally send conversion events that could be used to identify the user. A possible path for implementation would be similar to what WebKit proposed here where the number of possible conversions will be limited to 64, and a delay (24 to 48 hours) would be introduced to make it difficult to correlate between conversions and an existing user. But doing so on a mobile device that goes offline could also be tricky.
Retargeting
While SKAdNetwork can help with attribution, being able to communicate a segment to a third party retargeting company will be impossible without some shared identity. As we’ve already seen above, emails could be used in some cases, but not in all.
Positives
Accuracy
SKAdNetwork makes a direct connection between a click and an install without relying on the IDFA. This kind of connection could even survive an IDFA reset — something that consumers can do at any time they wish.
Fraud prevention
SKAdNetwork provides advantages that aid in fraud prevention.
The first advantage is that Apple is verifying the install, and that the install is tied to a valid Apple ID. There’s already an existing mechanism for that available today (shameless plug: one that Singular is doing a better job than anyone else preventing fraud with that mechanism, and provides superior results).
The second advantage is that Apple verifies there was user intent to open the App Store, with the ad click information associated with it. In addition, that ad click information is digitally signed by the ad network, therefore limiting malicious publishers in their attempts to generate fake ad clicks.(For a deeper deep dive into SKAdNetwork and Fraud, subscribe to our blog and stay tuned for a dedicated article.)
Overall, there are some major advantages here, and we see the opportunity to expand SKAdNetwork into a complete — and privacy-safe — solution.
Announcing MAP: the Mobile Attribution Privacy working group
I think SKAdNetwork holds great potential, and deserves wider adoption, but it also requires more work. We at Singular want to be part of that process, and help improve it, and drive adoption.
To harness the power of the technology, we want to make it more effective and relevant for marketers while preserving its privacy protections for consumers.
Therefore, Singular has decided to formally launch MAP, an open working group for mobile marketing stakeholders. That includes marketers, publishers, ad networks, attribution providers, marketing analytics companies … and people, the people who own smartphones and use apps.
The goal of the working group is to address some key points:
Conducting a comprehensive analysis of the post-IDFA world
Drafting a proposal for SKAdNetwork improvements, including a privacy-preserving way to utilize SKAdNetwork to analyze cohort data, and addressing other key gaps
Building out an API specification for data transfer between the ad network and the mobile measurement partner communication in an SKAdNetwork world
Driving adoption of SKAdNetwork in the mobile ad ecosystem.
I’m asking our customers, partners, and fellow mobile measurement and analytics vendors to partner with us in this effort. Together, I think we can shape the future of that protocol, and work together to ensure proper, safe, legal, and ethical design and implementation.
If you’d like to be part of the Mobile Attribution Privacy (MAP) Coalition, please join us in the MAP Slack group. There, you’ll be able to connect with other industry folks who are working to move the digital marketing community forward in this new, more privacy-safe world.
